<?php
# !!!!!!!!!! DON'T MAKE ANY CHANGE IF YOU DON'T KNOW WHAT YOU'RE DOING !!!!!!!!!!
// --------------------------------------------------------------------------------------------------------------
// File Name              :	login.php
// Last Modification Time	:	2008-02-01 24:00
// Last Modified by       :	turker (turker.biz@gmail.com)
// list of modifications	:
//
//	- 2008-02-01 turker
//		* 24:00 file created.
//
// --------------------------------------------------------------------------------------------------------------
if (eregi("login.php",$_SERVER['PHP_SELF'])) {
	header ("Location:../index.php");
	exit;
}
?>
<!--div:icerik -->
    <div id="icerik">
      <p>
<?php
if (isLogged()) echo $_LANG['login']['error1'];
elseif (empty($_POST)) {
  $action='index.php?page=login';
  if ($SITE_SEO) $action=$SITE_URL.'/login';
?>
<script type="text/javascript">
$(document).ready(function(){
  $("#login").click(function(){
    $("#login").val(" <?php echo $_LANG['login']['plswait']; ?> ");
    $("#login").attr("disabled","disabled");
    var mail=$.trim($("#email").val());
    var pass=$.trim($("#pass").val());
    if (mail.length<6||mail.length>55) {
      alert("<?php echo $_LANG['login']['error2']; ?>.");
      $("#email").focus();
    }
    else if (pass.length<5||pass.length>15) {
      alert("<?php echo $_LANG['login']['error3']; ?>");
      $("#pass").focus();
    }
    else {
      $.ajax({
      	data:"do=checkLogin&email="+mail+"&pass="+pass,
      	success: function(r) {
      	  if (r!='ok') {
            alert(r);
            $("#email").focus();
      	  }
      	  else $("#loginForm").submit();
      	}
      });
    }
    $("#login").val(" <?php echo $_LANG['login']['login']; ?> ");
    $("#login").attr("disabled","");
  });
});
</script>
    <form method="post" action="<?php echo $action; ?>" id="loginForm" class="box">
      <label><?php echo $_LANG['general']['email'];?>:</label> <input type="text" maxlength="55" name="email" id="email"  /><br />
      <label><?php echo $_LANG['general']['pass'];?>:</label> <input type="password" maxlength="15" name="pass" id="pass" /><br />
      <label></label><input type="button" value=" <?php echo $_LANG['login']['login'];?> " id="login" class="input-submit" />
    </form><br />
<?php
  if (!$SITE_SEO) {
    echo '<a href="index.php?page=lostpass" class="mlink">'.$_LANG['general']['lostpw'].'</a> ';
    if ($USER_EMAL_VALID) echo ' | <a href="index.php?page=sendact" class="mlink">'.$_LANG['general']['sendact'].'</a>';
  }
  else {
    echo '<a href="'.$SITE_URL.'/lostpass" class="mlink">'.$_LANG['general']['lostpw'].'</a>';
    if ($USER_EMAL_VALID) echo ' | <a href="'.$SITE_URL.'/sendact" class="mlink">'.$_LANG['general']['sendact'].'</a>';
  }
}
else {
  $email=@$_POST['email'];
  $password=@$_POST['pass'];

  # check POST
  $valid=new Validation();
  $valid->inRange($email,55,6,$_LANG['login']['error2']);
  $valid->inRange($password,15,5,$_LANG['login']['error3']);
  $valid->checkEmail($email,$_LANG['general']['imail']);

  if ($valid->isError()) $valid->listErrors();
  else { #no error
    $email=$mysql->escape($email);
    $password=md5(strrev(md5($mysql->escape($password))));

    //id, email, password, name, lang, date, level, bdate, gender, phone, address, city
    $q=$mysql->query("select * from $USERS_TABLE where email='$email' and password='$password'");
    if ($mysql->numRows($q)==1) {
      $read=$mysql->fetch($q);
      /*
    	0 : yeni kayıt
    	1 : email doğrulamış
    	2 : yönetici onaylamış
    	3 : rezerve
    	4 : rezerve
    	5 : yönetici
    	*/
      if ($read['level']>0) {
        $_SESSION['user']=$read;
        $_SESSION['logged']=1;
        $_SESSION['lang']=$read['lang'];
        header("location:$SITE_URL/");
      }
      else {
        echo $_LANG['login']['error4'];
        if (!$SITE_SEO) echo '<a href="index.php?page=sendact">'.$_LANG['general']['sendact'].'</a>';
        else echo '<a href="'.$SITE_URL.'/sendact">'.$_LANG['general']['sendact'].'</a>';
      } // else
    }
    else '<br />'.$_LANG['login']['error5'];
  }
}
?>
      </p>
    </div>
<!--//div:icerik -->